CNNVD-202601-2042 Information

Jan 13, 2026 cve

CNNVD ID

CNNVD-202601-2042

CVE-2026-20805

  • CNNVD Published: 2026-01-13

Description (Chinese)

Microsoft Desktop Windows Manager是美国微软(Microsoft)公司的一个桌面窗口管理器。 Microsoft Desktop Windows Manager存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。以下产品和版本受到影响:Windows Server 2019,Windows Server 2019 (Server Core installation),Windows Server 2022,Windows Server 2022 (Server Core installation),Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 Version 22H2 for x64-based Systems,Windows 10 Version 22H2 for ARM64-based Systems,Windows 10 Version 22H2 for 32-bit Systems,Windows Server 2025 (Server Core installation),Windows 11 Version 25H2 for ARM64-based Systems,Windows 11 Version 25H2 for x64-based Systems,Windows 11 Version 23H2 for ARM64-based Systems,Windows 11 Version 23H2 for x64-based Systems,Windows Server 2022, 23H2 Edition (Server Core installation),Windows 11 Version 24H2 for ARM64-based Systems,Windows 11 Version 24H2 for x64-based Systems,Windows Server 2025,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation),Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems。

Description (English)

Microsoft Desktop Windows Manager is a desktop window manager for Microsoft USA. Microsoft Desktop Windows Manager has a security gap. The attackers use that loophole to obtain sensitive information. The following products and versions are affected: Wows Service 2019, Wows Service Service 2019, Wow Service Service 20 May, Wow Service Service 2022, Windows Service 2022 (Server Corporation 21H2 for 32-bit Systems, Wows 10 Version 21H2 for ARM 64-systems, Wows Service 10 Versty 2-Sysend 28-Sysend 28-Sysend 28-Sysend 28-Sysend 28-Sysends 28-Sysends 28-Sysends 28-Sysends 29-Sysend 25-Sys Seconds

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

微软

Published

2026-01-13

Last Modified

2026-02-24

References

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20805 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20805

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20805

Share on: